package com.interceptor;

import com.model.User;
import com.util.Utils;
import org.apache.commons.lang3.StringUtils;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.transport.http.AbstractHTTPDestination;
import org.w3c.dom.NodeList;

import javax.servlet.http.HttpServletRequest;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPHeader;
import javax.xml.soap.SOAPMessage;

public class ValidateSoapHeader extends AbstractPhaseInterceptor<SoapMessage> {

    private SAAJInInterceptor saa = new SAAJInInterceptor();

    public ValidateSoapHeader() {
        super(Phase.PRE_PROTOCOL);
        getAfter().add(SAAJInInterceptor.class.getName());
    }

    public void handleMessage(SoapMessage message) throws Fault {
        //validate ip
        HttpServletRequest request = (HttpServletRequest) message.get(AbstractHTTPDestination.HTTP_REQUEST);
        if (null != request) {
            String ip = request.getHeader("x-forwarded-for");
            if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getHeader("Proxy-Client-IP");
            }
            if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getHeader("WL-Proxy-Client-IP");
            }
            if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getRemoteAddr();
            }
            if (ip == null) {
                throw new Fault(new SOAPException("ip不能为空！"));
            }
            if (!Utils.judgeClientIpByName(ip)) {
                throw new Fault(new SOAPException("该ip不在白名单之中！"));
            }
        }
        //validate user password
        SOAPMessage mess = message.getContent(SOAPMessage.class);
        if (mess == null) {
            saa.handleMessage(message);
            mess = message.getContent(SOAPMessage.class);
        }
        SOAPHeader head = null;
        try {
            head = mess.getSOAPHeader();
            if (head == null) {
                throw new Fault(new SOAPException("SOAP头信息不能为空！"));
            }
        } catch (SOAPException e) {
            e.printStackTrace();
        }
        try {
            //读取自定义的节点
            NodeList nodes = head.getElementsByTagName("tns:username");
            NodeList nodepass = head.getElementsByTagName("tns:password");
            String username = nodes.item(0).getTextContent();
            String password = nodepass.item(0).getTextContent();
            if (StringUtils.isBlank(username.trim())) {
                throw new Fault(new SOAPException("用户名不能为空！"));
            }
            if (StringUtils.isBlank(password.trim())) {
                throw new Fault(new SOAPException("密码不能为空！"));
            }

            User user = Utils.getUserByUsername(username);
            if (user == null) {
                throw new Fault(new SOAPException("该用户不存在！"));
            }
            if (!user.getPassword().equals(password)) {
                throw new Fault(new SOAPException("密码不正确！"));
            }
        } catch (Exception e) {
            SOAPException soapExc = new SOAPException("认证错误");
            throw new Fault(soapExc);
        }
    }
}
